Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lY2-2hc1T6GYyP24a_6xIz0ht44.cer
File: lY2-2hc1T6GYyP24a_6xIz0ht44.cer (raw, json)
Hash identifier: 2NSsYsjmcjPZq2DcvOY35b9R29G7Oeobe9CX65T0X9M=
Subject key identifier: 95:8D:BE:DA:17:35:4F:A1:98:C8:FD:B8:6B:FE:B1:23:3D:21:B7:8E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9EC05B2454
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/04/0e25e2-7b6c-4634-a3f5-31ee355f5bd7/1/lY2-2hc1T6GYyP24a_6xIz0ht44.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/04/0e25e2-7b6c-4634-a3f5-31ee355f5bd7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 05:52:00 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 147.78.68.0/22
IP: 2a09:1e40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 681832031316 (0x9ec05b2454)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:52:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=958dbeda17354fa198c8fdb86bfeb1233d21b78e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ec:63:d3:5b:30:18:80:50:a7:d5:18:92:0a:
5c:39:60:d4:f9:93:d8:4d:4f:fb:ea:89:60:a1:34:
9a:3f:dd:2e:00:58:df:7c:89:95:06:ab:05:8b:7c:
a0:df:6e:53:3f:a9:c1:27:4b:47:a3:71:11:39:ce:
08:58:70:c8:0d:06:8c:89:74:8e:c4:cb:53:b4:c9:
7a:42:bb:f6:7f:23:cd:2c:e4:a4:3d:9e:12:7e:61:
e3:00:2e:1b:76:03:74:be:ef:1e:e5:62:36:65:b2:
99:e3:cc:a6:85:42:0b:c1:19:8e:75:67:bc:3f:74:
f2:c3:3d:c2:89:61:f8:1e:26:04:95:e9:1c:d8:5f:
3b:5d:69:4e:a5:14:06:55:ec:e4:05:60:c2:52:95:
e5:39:80:52:56:94:24:76:6b:6a:d7:e8:d2:32:3c:
2e:cf:f5:fc:42:c1:58:d5:f8:07:1a:12:f1:6a:6e:
23:ed:0c:2e:c9:fe:cd:53:b5:9b:d6:cc:97:56:15:
3e:b0:c9:5c:62:08:30:14:08:33:b8:3b:78:9b:e2:
93:ae:c0:9b:fe:38:fc:04:20:e7:a3:3b:34:56:b6:
6b:30:0c:1c:b9:f6:3b:1f:c2:11:4a:95:9b:14:b3:
6e:02:24:33:26:3b:0a:13:01:29:89:5a:9a:3c:ac:
0d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8D:BE:DA:17:35:4F:A1:98:C8:FD:B8:6B:FE:B1:23:3D:21:B7:8E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/0e25e2-7b6c-4634-a3f5-31ee355f5bd7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/0e25e2-7b6c-4634-a3f5-31ee355f5bd7/1/lY2-2hc1T6GYyP24a_6xIz0ht44.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.68.0/22
IPv6:
2a09:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
02:23:5a:69:1c:82:a8:f4:64:e4:dc:de:b2:32:f4:38:fb:e7:
64:97:2b:39:c8:c1:45:86:a2:58:f6:3a:1b:71:20:94:dc:37:
5a:1d:ad:10:2c:71:0c:17:43:40:11:0d:ec:ef:2b:de:47:f0:
48:03:f2:56:2a:79:09:aa:01:7f:6e:78:9e:38:f3:f4:f6:74:
2a:e1:1e:3d:e2:99:b8:1f:db:e1:c2:9c:8a:50:cc:fb:45:8a:
3a:3e:1a:eb:e0:24:00:99:0d:14:77:ae:61:99:17:24:83:c1:
d4:d8:e2:4c:ed:77:03:d8:da:0e:df:72:c6:98:f7:8f:50:2a:
d8:8c:a5:2d:8e:f9:9f:bc:11:6b:91:20:fe:ba:9b:f5:bb:12:
99:b5:27:f0:54:79:de:43:08:5a:ee:dd:12:a1:ee:f3:64:b5:
4c:f9:82:8d:cf:04:3e:55:f7:c5:71:8c:32:b9:93:17:b9:89:
cc:34:cb:6b:30:f9:67:32:9e:21:a3:cb:8e:31:eb:5f:cc:85:
de:aa:b9:e6:3a:eb:c9:93:dd:dc:8b:22:ad:f5:59:e4:ea:a9:
2d:de:a0:3b:b5:56:c3:9d:34:5d:1a:3a:67:dc:ab:cf:82:ff:
67:5c:75:07:76:78:84:8e:27:41:dd:4b:a0:4c:36:5a:73:a4:
65:90:a1:d8
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAJ7AWyRUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDU1MjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NThkYmVkYTE3
MzU0ZmExOThjOGZkYjg2YmZlYjEyMzNkMjFiNzhlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAsexj01swGIBQp9UYkgpcOWDU+ZPYTU/76olgoTSaP90u
AFjffImVBqsFi3yg325TP6nBJ0tHo3EROc4IWHDIDQaMiXSOxMtTtMl6Qrv2fyPN
LOSkPZ4SfmHjAC4bdgN0vu8e5WI2ZbKZ48ymhUILwRmOdWe8P3Tywz3CiWH4HiYE
lekc2F87XWlOpRQGVezkBWDCUpXlOYBSVpQkdmtq1+jSMjwuz/X8QsFY1fgHGhLx
am4j7Qwuyf7NU7Wb1syXVhU+sMlcYggwFAgzuDt4m+KTrsCb/jj8BCDnozs0VrZr
MAwcufY7H8IRSpWbFLNuAiQzJjsKEwEpiVqaPKwNDwIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFJWNvtoXNU+hmMj9uGv+sSM9IbeOMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA0LzBlMjVlMi03YjZjLTQ2MzQt
YTNmNS0zMWVlMzU1ZjViZDcvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvMGUyNWUyLTdiNmMtNDYzNC1h
M2Y1LTMxZWUzNTVmNWJkNy8xL2xZMi0yaGMxVDZHWXlQMjRhXzZ4SXowaHQ0NC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCk05EMA0EAgACMAcDBQMqCR5AMA0GCSqGSIb3DQEBCwUAA4IBAQAC
I1ppHIKo9GTk3N6yMvQ4++dklys5yMFFhqJY9jobcSCU3DdaHa0QLHEMF0NAEQ3s
7yveR/BIA/JWKnkJqgF/bnieOPP09nQq4R494pm4H9vhwpyKUMz7RYo6Phrr4CQA
mQ0Ud65hmRckg8HU2OJM7XcD2NoO33LGmPePUCrYjKUtjvmfvBFrkSD+upv1uxKZ
tSfwVHneQwha7t0Soe7zZLVM+YKNzwQ+VffFcYwyuZMXuYnMNMtrMPlnMp4ho8uO
MetfzIXeqrnmOuvJk93ciyKt9Vnk6qkt3qA7tVbDnTRdGjpn3KvPgv9nXHUHdniE
jidB3UugTDZac6RlkKHY
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:25:51 2025 by rpki-client